baeke.info :: VMWare whitepaper about LUN security

About

You arrived at the weblog of Geert Baeke. I am a technology consultant for a company called Xylos (Belgium). I mostly work with Microsoft technologies such as Windows, Active Directory, Exchange, Sharepoint, MSCS, and more. I am also actively busy with VMware's products, focussing on VMware ESX.

Sections

Tutorials

Twitter

follow GeertBaeke at http://twitter.com

XBOX 360

RSS Newsfeeds

Main Page RSS

Main Page

Previous:	ESX and Unisys ES7000
Next:	GSX in production environments

VMWare whitepaper about LUN security

by rastix on Tue 14 Mar 2006 11:53 AM CET | Permanent Link | Cosmos

VMWare has published a whitepaper about LUN security in ESX. This is mainly in response to an article about potential security issues with ESX in a SAN environment. That article was quickly dismissed by people with knowledge about ESX.

ESX presents virtual SCSI devices to virtual machines. The virtual machines only see that virtual device. Even with raw device mappings, the virtual machine only sees the LUN that is assigned to it and cannot do anything else like scan for other LUNs on the SAN etc...

The whitepaper from VMWare also talks a little bit about N-Port ID virtualization (NPIV) which will provide a WWN-to-VM mapping. This allows storage admins to configure visibility of a SAN LUN to a virtual machine with their native toolset. Even with NPIV, virtual machines will only see the LUN that is assigned.

Posted to:

Main Page

Virtual Machines

Comments

Post a comment

No comments found.

Trackbacks

TrackBack URL:
http://blog.baeke.info/blog/_trackback/1819980

No trackbacks found.

Post comment:

	Receive comment notifications for this article
Subject:
Comment:

Comment verification:

Please enter the text you see inside the graphic to post your comment:

You are not currently logged in. If you would like your user information to be displayed with your comment, please enter your login information below.